WebScarab

From: Dawes, Rogan (ZA - Johannesburg) (rdawes@deloitte.co.za)
Date: Tue Oct 28 2003 - 11:39:19 EST

• Next message: R. DuFresne: "Re: Pen testing wireless::"
• Previous message: c0ded: "Re: Wireless network assessment"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi all,

WebScarab is an HTTP/HTTPS proxy that allows the operator to view, and
modify traffic passing through it. It also has other functionality
accessible directly through the GUI that is useful for pen-testing web
applications.

A new version of WebScarab has just been released on Sourceforge. You
can get it at
http://sourceforge.net/project/showfiles.php?group_id=64424&release_id=1
93530

WebScarab is now distributed as an installable JAR, and includes source
(as an optional extra) and a build.xml file to make it easy for users to
modify the source, and rebuild the app, if necessary.

Significant changes are:

* A BeanShell proxy plugin has been implemented to allow dynamic
programmatic changes to requests and responses.
* The Exodus Transcoder frame, proxy debugging support, and a shared
cookie jar for the Proxy, Spider, and Manual plugins have been added.
* There is support for 100 Continue messages.

All feedback is appreciated.

Rogan

Important Notice: This email is subject to important restrictions, qualifications and disclaimers ("the Disclaimer") that must be accessed and read by clicking here or by copying and pasting the following address into your Internet browser's address bar: http://www.Deloitte.co.za/Disc.htm. The Disclaimer is deemed to form part of the content of this email in terms of Section 11 of the Electronic Communications and Transactions Act, 25 of 2002. If you cannot access the Disclaimer, please obtain a copy thereof from us by sending an email to ClientServiceCentre@Deloitte.co.za.

---------------------------------------------------------------------------
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_pen-test_031023
and use priority code SF4.
----------------------------------------------------------------------------

• Next message: R. DuFresne: "Re: Pen testing wireless::"
• Previous message: c0ded: "Re: Wireless network assessment"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:41 EDT